package com.yboot.starter.tenant.core.security;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.yboot.starter.tenant.config.TenantProperties;
import com.yboot.starter.tenant.core.api.TenantIdApi;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.web.filter.OncePerRequestFilter;

/**
 * // SecurityConfig配置时候
 * if (CollectionUtils.isEmpty(this.httpSecurityConfigurers)) {
 *             return (SecurityFilterChain)http.build();
 *         } else {
 *             Iterator var2 = this.httpSecurityConfigurers.iterator();
 *
 *             while(var2.hasNext()) {
 *                 HttpSecurityConfigurer httpSecurityConfigurer = (HttpSecurityConfigurer)var2.next();
 *                 httpSecurityConfigurer.configure(http);
 *             }
 *
 *             return (SecurityFilterChain)http.build();
 *         }
 */
// @TODO 需要优化 此处是注册security的用法
public class TenantSecurityHttpSecurityConfigurer
      //  implements HttpSecurityConfigurer
{
    final TenantProperties tenantProperties;
    final TenantIdApi tenantIdApi;
    final ObjectMapper objectMapper;

    public TenantSecurityHttpSecurityConfigurer(TenantProperties tenantProperties,
                                                TenantIdApi tenantIdApi,
                                                ObjectMapper objectMapper) {
        this.tenantProperties = tenantProperties;
        this.tenantIdApi = tenantIdApi;
        this.objectMapper = objectMapper;
    }

    public void configure(HttpSecurity builder) throws Exception {
        TenantContextFilter filter = new TenantContextFilter(this.tenantIdApi, this.objectMapper);
        filter.ignoredAntPatterns(this.tenantProperties.getTenantFilterExcludes());
//        builder.addFilterAfter(filter, SaTokenVerifyAuthenticationFilter.class);
        builder.addFilterAfter(filter, OncePerRequestFilter.class);
    }
}
